Role: Information Security Architect Location: Stamford Responsibilities: Support design of information security systems and solutions that effectively balance business needs with cyber security requirements Identify emerging security threats and accordingly, architect elements/controls which can mitigate such threats Ensure alignment of security controls, standards and frameworks with business and technology strategy Identify security design gaps in existing and proposed architectures and recommend suitable changes/enhancements Technical security assessments and configuration reviews of a broad range of solution components – IT network and perimeter controls, endpoint/server security, email protection, Identity and Access management platforms etc. and facilitate remediation/closure of findings Required Skills and Experience Experience in security architecture, design and implementation of security solutions Strong foundations on design of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements. Strong understanding of Information security concepts including authentication, authorization, SAML, with experience on Identity and access management (IAM), Single Sign-On (SSO), Risk based authentication, Multi-factor authentication technologies Good Knowledge and Experience of Active Directory design, remote access, operating system hardening for servers/client machines, PKI/certificate services, web security gateways, EDR, Enterprise mobility management(EMM), MDM and MAM etc. Good knowledge and experience of Azure and AWS cloud environments and their security controls. Knowledge on Routing/ Switching, NAT/PAT, Access-Lists, DMZs, IPSEC VPN tunnels, firewall technologies (Cisco, PaloAlto, Checkpoint, Fortinet) etc. Security considerations of cloud computing: including data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks Understanding of NIST standards, ISO27001, COBIT, PCI-DSS etc. Exceptional communication skills with diverse audiences – Strong critical thinking and analytical skills with ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives with multiple departments Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects Security professional certifications such as CISSP, CISM, CISA, ISSAP, ISSEP, CEH etc.